Re: kernel module loading vs securelevel

On Mon, 18 Oct 2010 09:31:32 -0400
Steven Bellovin <smb%cs.columbia.edu@localhost> wrote:
> Signatures provide *authentication*; what is needed here is *authorization*.
While I agree, there also are situations were both can be welcome...
Another solution someone proposed which I like is hashing the modules
to then at load time rehash and match a module against the hash set,
which would be a simpler, shorter-term solution. I think that
embedding the hashes set in the kernel image would be safer than using
a file, however. Unfortunately, this makes developing, installing or
upgrading a module less friendly as the kernel image has to be
refreshed and the system rebooted.
--
Matt